Example #1
 /**
  * Handle a password login attempt submitted via POST.
  *
  * Reads the `email` and `password` fields, asks the global CurrentUser to
  * authorize them, and then either persists the now-authorized user or hands
  * the failure value to the AuthModule template as its `error` parameter.
  */
 function process()
 {
     global $current_user;
     /* @var $current_user CurrentUser */
     $fields = array('email' => 'email', 'password' => 'string');
     $input = Request::checkPostParameters($fields);
     // A user is knocking with login and password. Anything other than boolean
     // true coming back from authorize_password() is treated as the error payload.
     $outcome = $current_user->authorize_password($input['email'], $input['password']);
     if ($outcome === true) {
         $current_user->save();
         return;
     }
     $this->setWriteParameter('AuthModule', 'error', $outcome);
 }
Example #2
 /**
  * Dispatch the admin `action` POST field to the matching handler method.
  *
  * Unknown or missing actions are ignored without any feedback, exactly like
  * a switch without a default branch.
  */
 function process()
 {
     $input = Request::checkPostParameters(array('action' => 'string'));
     // Lookup table instead of a switch: action name => handler method.
     $handlers = array(
         'edit_pages' => 'editPages',
         'edit_pages_addmodule' => 'addPageModule',
         'edit_modules' => 'editModules',
     );
     $action = $input['action'];
     if (is_string($action) && isset($handlers[$action])) {
         $this->{$handlers[$action]}();
     }
 }
Example #3
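 /**
  * Save the profile edit form for the currently logged-in user.
  *
  * Nothing happens unless the global CurrentUser is authorized and the posted
  * `id` is the user's own id. On success the XML caches of the profile page
  * and of the profile edit page for this user are dropped.
  *
  * @throws Exception code 100 when the uploaded avatar cannot be written
  */
 function write()
 {
     global $current_user;
     /* @var $current_user CurrentUser */
     if (!$current_user->authorized) {
         return;
     }
     $optionalString = array('type' => 'string', '*' => true);
     $mask = array(
         'id' => 'int',
         'bday' => 'string',
         'city_id' => 'int',
         'link_fb' => $optionalString,
         'link_vk' => $optionalString,
         'link_lj' => $optionalString,
         'link_tw' => $optionalString,
         'quote' => $optionalString,
         'about' => $optionalString,
     );
     $params = Request::checkPostParameters($mask);
     // Ownership check. Both sides are cast to int so a numeric-string id from
     // the database and the int from the request mask compare reliably, and a
     // loose == can no longer treat unrelated values as equal.
     if ((int) $current_user->id !== (int) $params['id']) {
         return;
     }
     // avatar: only a file that genuinely arrived with this request's upload is processed
     $tmpName = isset($_FILES['picture']['tmp_name']) ? $_FILES['picture']['tmp_name'] : '';
     if ($tmpName && is_uploaded_file($tmpName)) {
         $filename = Config::need('avatar_upload_path') . '/' . $current_user->id . '.jpg';
         $upload = new UploadAvatar($tmpName, 100, 100, "simple", $filename);
         if (!$upload->out) {
             throw new Exception('cant copy file to ' . $filename, 100);
         }
         $current_user->setProperty('picture', 1);
     }
     // bday: strtotime() returns false for unparsable input, which (int) turns
     // into 0, so no error suppression is needed here.
     $current_user->setProperty('bday', max(0, (int) strtotime((string) $params['bday'])));
     // city
     $current_user->setProperty('city_id', $params['city_id']);
     // external profile links (facebook etc.) are stored serialized as posted
     $current_user->setPropertySerialized('link_fb', $params['link_fb']);
     $current_user->setPropertySerialized('link_vk', $params['link_vk']);
     $current_user->setPropertySerialized('link_tw', $params['link_tw']);
     $current_user->setPropertySerialized('link_lj', $params['link_lj']);
     // free-text fields are HTML-escaped before storage
     $params['quote'] = htmlspecialchars($params['quote']);
     $params['about'] = htmlspecialchars($params['about']);
     $current_user->setPropertySerialized('quote', $params['quote']);
     $current_user->setPropertySerialized('about', $params['about']);
     $current_user->save();
     // After editing the profile, drop the cached profile page and profile edit
     // page for this user; caches in other modules expire on their own.
     Cache::drop(Request::$pageName . '_ProfileModule_' . $current_user->id, Cache::DATA_TYPE_XML);
     //xmlthemeDefault_ru_user_ProfileModule
     Cache::drop(Request::$pageName . '_ProfileModule_' . $current_user->id . 'edit', Cache::DATA_TYPE_XML);
     //xmlthemeDefault_ru_user_ProfileModule_19
 }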
Example #4
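 /**
  * AJAX check whether the posted `nickname` is free for the current user.
  *
  * Marks the response successful up front and reports problems through
  * $this->error(): 'Auth' when not logged in, the validation message thrown by
  * Request::checkPostParameters(), 'already_taken' when a different user owns
  * the nickname, or an "Illegal nickname" message when the value is empty.
  *
  * @return bool|null true when the nickname is available; null on every error path
  */
 function isNicknameUnique()
 {
     global $current_user;
     $this->data['success'] = 1;
     if (!$current_user->authorized) {
         $this->error('Auth');
         return;
     }
     $mask = array('nickname' => array(
         'type' => 'string',
         'regexp' => '/^[A-Za-z][A-Za-z0-9_]+$/',
         'min_length' => 3,
         'max_length' => 26,
     ));
     Request::initialize();
     try {
         $params = Request::checkPostParameters($mask);
     } catch (Exception $e) {
         $this->error($e->getMessage());
         return;
     }
     // Only the validated value is used; the raw $_POST read that was here was dead.
     $nickname = trim((string) $params['nickname']);
     if ($nickname === '') {
         $this->error('Illegal nickname ^[A-Za-z][A-Za-z0-9_]+$');
         return;
     }
     // Database::escape() is used bare after `=` here and elsewhere in these
     // modules, so it is assumed to return a quoted SQL literal. The user id is
     // cast to int so only digits are ever concatenated into the query.
     $query = 'SELECT COUNT(1) as cnt FROM `users` WHERE `nickname`='
         . Database::escape($nickname) . ' AND `id` <> ' . (int) $current_user->id;
     $cnt = Database::sql2single($query);
     if ($cnt) {
         $this->error('already_taken');
         return;
     }
     return true;
 }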
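 /**
  * Save the profile edit form; site admins may edit other users.
  *
  * Users may always edit their own profile. Editing a different user requires
  * User::ROLE_SITE_ADMIN or higher and the target being loadable; otherwise
  * Error::CheckThrowAuth(User::ROLE_SITE_ADMIN) is invoked. A role change is
  * applied only when the target is below ROLE_SITE_ADMIN, the editor is at or
  * above it, and the new role is a known id not above ROLE_SITE_ADMIN.
  *
  * @throws Exception when no user id was posted, or (code 100) when an avatar
  *                   file cannot be written
  */
 function write()
 {
     global $current_user;
     /* @var $current_user CurrentUser */
     if (!$current_user->authorized) {
         Error::CheckThrowAuth();
     }
     $optionalString = array('type' => 'string', '*' => true);
     $mask = array(
         'id' => 'int',
         'bday' => 'string',
         'city_id' => 'int',
         'role' => array('type' => 'int', '*' => true),
         'link_fb' => $optionalString,
         'link_vk' => $optionalString,
         'link_lj' => $optionalString,
         'link_tw' => $optionalString,
         'quote' => $optionalString,
         'about' => $optionalString,
     );
     $params = Request::checkPostParameters($mask);
     $uid = isset($params['id']) ? (int) $params['id'] : 0;
     if (!$uid) {
         throw new Exception('illegal user id');
     }
     // Resolve the user being edited. Start from false so that a non-admin
     // posting someone else's id reaches the auth error below instead of
     // reading an undefined variable.
     $editing_user = false;
     if ((int) $current_user->id === $uid) {
         $editing_user = $current_user;
     } elseif ($current_user->getRole() >= User::ROLE_SITE_ADMIN) {
         $loaded = Users::getByIdsLoaded(array($uid));
         $editing_user = isset($loaded[$uid]) ? $loaded[$uid] : false;
     }
     if (!$editing_user) {
         Error::CheckThrowAuth(User::ROLE_SITE_ADMIN);
         return;
     }
     // avatar: a 50x50 and a 100x100 ("big_") copy. The result of every write
     // is checked; previously only the second one was inspected.
     $tmpName = isset($_FILES['picture']['tmp_name']) ? $_FILES['picture']['tmp_name'] : '';
     if ($tmpName && is_uploaded_file($tmpName)) {
         $folder = Config::need('avatar_upload_path');
         $targets = array(
             $folder . '/' . $editing_user->id . '.jpg' => 50,
             $folder . '/big_' . $editing_user->id . '.jpg' => 100,
         );
         foreach ($targets as $filename => $side) {
             $upload = new UploadAvatar($tmpName, $side, $side, "simple", $filename);
             if (!$upload->out) {
                 throw new Exception('cant copy file to ' . $filename, 100);
             }
         }
         $editing_user->setProperty('avatar', 'jpg');
     }
     // role change
     if ($editing_user->getRole() < User::ROLE_SITE_ADMIN
         && $current_user->getRole() >= User::ROLE_SITE_ADMIN) {
         // NOTE(review): an absent optional `role` is (int) false === 0 here, as
         // before; if 0 is a key of Users::$rolenames the target is reset to it.
         // Confirm the admin form always submits `role`.
         $new_role = (int) $params['role'];
         // Users::$rolenames is assumed to be keyed by the integer role id.
         if (array_key_exists($new_role, Users::$rolenames) && $new_role <= User::ROLE_SITE_ADMIN) {
             $editing_user->setRole($new_role);
         }
     }
     // bday: strtotime() returns false for unparsable input, which (int) makes 0
     $editing_user->setProperty('bday', max(0, (int) strtotime((string) $params['bday'])));
     // city
     $editing_user->setProperty('city_id', $params['city_id']);
     // external profile links (facebook etc.) are stored serialized as posted
     $editing_user->setPropertySerialized('link_fb', $params['link_fb']);
     $editing_user->setPropertySerialized('link_vk', $params['link_vk']);
     $editing_user->setPropertySerialized('link_tw', $params['link_tw']);
     $editing_user->setPropertySerialized('link_lj', $params['link_lj']);
     // free-text fields are HTML-escaped before storage
     $params['quote'] = htmlspecialchars($params['quote']);
     $params['about'] = htmlspecialchars($params['about']);
     $editing_user->setPropertySerialized('quote', $params['quote']);
     $editing_user->setPropertySerialized('about', $params['about']);
     $editing_user->save();
     // After editing the profile, drop this user's cached profile page and
     // profile edit page; caches in other modules expire on their own.
     Users::dropCache($editing_user->id);
 }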
Example #6
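 /**
  * Save the profile edit form (nickname/avatar/role); moderators may edit
  * other users.
  *
  * A user may edit their own profile; editing another user requires
  * User::ROLE_BIBER or higher and the target being loadable. In every case
  * CurrentUser::can_throw('users_edit', ...) is consulted with the resolved
  * target (or false). A changed nickname is only accepted when the target's
  * checkNickChanging() allows it. Role changes apply only to targets below
  * ROLE_SITE_ADMIN: a BIBER may assign roles strictly below ROLE_SITE_ADMIN,
  * anyone above BIBER up to and including it.
  *
  * @throws Exception when no user id was posted or the nickname may not change
  */
 function write()
 {
     global $current_user;
     /* @var $current_user CurrentUser */
     $optionalString = array('type' => 'string', '*' => true);
     $mask = array(
         'id' => 'int',
         'nickname' => array(
             'type' => 'string',
             'regexp' => '/^[A-Za-z][A-Za-z0-9_]+$/',
             'min_length' => 3,
             'max_length' => 26,
             '*' => true,
         ),
         'role' => array('type' => 'int', '*' => true),
         'link_fb' => $optionalString,
         'link_vk' => $optionalString,
         'link_lj' => $optionalString,
         'link_tw' => $optionalString,
         'quote' => $optionalString,
         'about' => $optionalString,
     );
     $params = Request::checkPostParameters($mask);
     $uid = isset($params['id']) ? (int) $params['id'] : 0;
     if (!$uid) {
         throw new Exception('illegal user id');
     }
     // Resolve the target. Start from false (never an undefined variable) for
     // an editor below ROLE_BIBER posting someone else's id, or an unknown id.
     $editing_user = false;
     if ((int) $current_user->id === $uid) {
         $editing_user = $current_user;
     } elseif ($current_user->getRole() >= User::ROLE_BIBER) {
         $loaded = Users::getByIdsLoaded(array($uid));
         $editing_user = isset($loaded[$uid]) ? $loaded[$uid] : false;
     }
     // permission gate; deliberately called with false as well, as before
     $current_user->can_throw('users_edit', $editing_user);
     if (!$editing_user) {
         Error::CheckThrowAuth(User::ROLE_SITE_ADMIN);
         return;
     }
     // NOTE(review): the posted nickname is only compared here, never stored by
     // this method — presumably persisted elsewhere; confirm.
     if (trim($params['nickname']) != $editing_user->getNickName()) {
         if (!$editing_user->checkNickChanging()) {
             throw new Exception('You can\'t change your nickname');
         }
     }
     // avatar: four sizes via Thumb; only a genuine upload of this request is processed
     $tmpName = isset($_FILES['picture']['tmp_name']) ? $_FILES['picture']['tmp_name'] : '';
     if ($tmpName && is_uploaded_file($tmpName)) {
         $folder = Config::need('avatar_upload_path');
         $targets = array(
             $folder . '/small_' . $editing_user->id . '.jpg',
             $folder . '/default_' . $editing_user->id . '.jpg',
             $folder . '/big_' . $editing_user->id . '.jpg',
             $folder . '/orig_' . $editing_user->id . '.jpg',
         );
         $thumb = new Thumb();
         $thumb->createThumbnails($tmpName, $targets, self::$cover_sizes);
         $editing_user->setProperty('picture', 1);
         $editing_user->setProperty('lastSave', time());
     }
     // role change: the two former branches (editor == BIBER / editor > BIBER)
     // were mutually exclusive and differed only in the upper bound.
     if ($editing_user->getRole() < User::ROLE_SITE_ADMIN) {
         $editorRole = $current_user->getRole();
         // NOTE(review): an absent optional `role` is (int) false === 0 here, as
         // before; if 0 is a key of Users::$rolenames the target is reset to it.
         $new_role = (int) $params['role'];
         if ($editorRole == User::ROLE_BIBER) {
             $allowed = $new_role < User::ROLE_SITE_ADMIN;
         } elseif ($editorRole > User::ROLE_BIBER) {
             $allowed = $new_role <= User::ROLE_SITE_ADMIN;
         } else {
             $allowed = false;
         }
         // Users::$rolenames is assumed to be keyed by the integer role id.
         if ($allowed && array_key_exists($new_role, Users::$rolenames)) {
             $editing_user->setRole($new_role);
         }
     }
     $editing_user->save();
     // After editing the profile, drop this user's cached profile page and
     // profile edit page; caches in other modules expire on their own.
     Users::dropCache($editing_user->id);
 }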
Example #7
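    /**
     * Handle the registration form.
     *
     * Validates email/password/nickname from POST, checks the email is not yet
     * registered, picks a nickname (an available variant when the posted one is
     * taken, or one derived from the email's local part when none was posted),
     * registers the user through the global CurrentUser and sends the
     * confirmation mail. Every outcome is reported to the template through
     * setWriteParameter('RegisterModule', ...).
     *
     * @return false|null false when a required field failed validation; null otherwise
     */
    function write()
    {
        global $current_user;
        $this->setWriteParameter('RegisterModule', 'result', false);
        $mask = array(
            'email' => 'email',
            'password' => array('type' => 'string', 'min_length' => 6, 'max_length' => 16),
            'nickname' => array(
                'type' => 'string',
                'regexp' => '/^[A-Za-z][A-Za-z0-9_]+$/',
                'min_length' => 3,
                'max_length' => 26,
                '*' => true,
            ),
        );
        $params = Request::checkPostParameters($mask);
        $error = false;
        if ($params['email'] === false) {
            $error = true;
            $this->setWriteParameter('RegisterModule', 'email_error', 'email_incorrect');
        }
        if ($params['password'] === false) {
            $error = true;
            $this->setWriteParameter('RegisterModule', 'password_error', 'password incorrect');
        }
        // nickname is optional: a bad one is reported but does not block registration
        if ($params['nickname'] === false) {
            $this->setWriteParameter('RegisterModule', 'nickname_error', 'nickname_incorrect');
        }
        // echo the submitted values back to the form (note: this includes the password)
        foreach ($params as $f => $v) {
            $this->setWriteParameter('RegisterModule', $f, $v);
        }
        if ($error) {
            return false;
        }
        // Is the email already taken? The value goes through Database::escape(),
        // which the sibling isNicknameUnique() uses bare after `=`, so it is
        // assumed to return a quoted SQL literal. The raw value was previously
        // concatenated into the query; email validation does not exclude quotes.
        $query = 'SELECT COUNT(1) FROM `users` WHERE `email`=' . Database::escape($params['email']);
        $email_twiced = Database::sql2single($query);
        if ($email_twiced) {
            $this->setWriteParameter('RegisterModule', 'email_error', 'email_twiced');
            return;
        }
        // Is the nickname taken? If so the user gets an available variant for now
        // and is told about it; they can change it in their account settings.
        if ($params['nickname']) {
            $query = 'SELECT COUNT(1) FROM `users` WHERE `nickname`=' . Database::escape($params['nickname']);
            $nickname_twiced = Database::sql2single($query);
            if ($nickname_twiced) {
                $nickname = $current_user->getAvailableNickname($params['nickname']);
                $this->setWriteParameter('RegisterModule', 'nickname_changed', $nickname);
            } else {
                $nickname = $params['nickname'];
            }
        } else {
            // no nickname posted: derive one from the email's local part
            $nickname_from_email = substr($params['email'], 0, strpos($params['email'], '@'));
            $nickname = $current_user->getAvailableNickname($nickname_from_email);
        }
        // parameters verified; write the user to the database
        $r = $current_user->register($nickname, $params['email'], $params['password']);
        if ($r) {
            // registered; build the confirmation link and mail it
            $register_url = Config::need('www_path') . '/emailconfirm/' . $current_user->id . '/' . $r;
            // NOTE(review): the cleartext password is handed to the mail template.
            // Confirm register.xsl does not print it — credentials in mail persist
            // in mailboxes and relay logs long after the registration itself.
            $data = array('email' => $params['email'], 'nickname' => $nickname, 'password' => $params['password'], 'register_url' => $register_url);
            Mailer::send(Config::need('register_email_from'), $params['email'], $nickname, $this->email_subject, $data, 'register.xsl');
            // tell the template "all good"
            $this->setWriteParameter('RegisterModule', 'success', $nickname);
            return;
        }
        // Reached when two users register the same email/nickname concurrently
        // or the database fails.
        $this->setWriteParameter('RegisterModule', 'error', 'database_error');
    }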